Lucene search
K

6 matches found

Cvelist
Cvelist
added 2026/01/12 6:34 p.m.27 views

CVE-2026-22200 osTicket (1.18.x < 1.18.3, 1.17.x < 1.17.7) PDF Export Arbitrary File Read

Enhancesoft osTicket versions 1.18.x prior to 1.18.3 and 1.17.x prior to 1.17.7 contain an arbitrary file read vulnerability in the ticket PDF export functionality. A remote attacker can submit a ticket containing crafted rich-text HTML that includes PHP filter expressions which are insufficientl...

8.7CVSS0.73125EPSS
Exploits3References5
SUSE CVE
SUSE CVE
added 2023/02/15 6:19 a.m.7 views

SUSE CVE-2004-1293

Buffer overflow in the ReadFontTbl function in reader.c for rtf2latex2e 1.0fc2 allows remote attackers to execute arbitrary code via a crafted RTF file...

10CVSS8.2AI score0.13709EPSS
Exploits1References3
SUSE CVE
SUSE CVE
added 2023/02/15 6:11 a.m.3 views

SUSE CVE-2007-4510

ClamAV before 0.91.2, as used in Kolab Server 2.0 through 2.2beta1 and other products, allows remote attackers to cause a denial of service application crash via 1 a crafted RTF file, which triggers a NULL dereference in the cliscanrtf function in libclamav/rtf.c; or 2 a crafted HTML document wit...

4.3CVSS6.8AI score0.01968EPSS
Exploits0References4
OSV
OSV
added 2014/11/26 3:59 p.m.1 views

DEBIAN-CVE-2014-9093

LibreOffice before 4.3.5 allows remote attackers to cause a denial of service invalid write operation and crash and possibly execute arbitrary code via a crafted RTF file...

7.5CVSS6.8AI score0.04143EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2014/03/24 12:0 a.m.3 views

PT-2014-1206 · Microsoft · Sharepoint Server +6

Name of the Vulnerable Software and Affected Versions: Microsoft Word versions 2003 SP3, 2007 SP3, 2010 SP1 and SP2, 2013, and 2013 RT Word Viewer Office Compatibility Pack version SP3 Office for Mac version 2011 Word Automation Services on SharePoint Server versions 2010 SP1 and SP2 and 2013...

9.3CVSS10AI score0.77734EPSS
Exploits10References21
Prion
Prion
added 2009/08/27 8:30 p.m.18 views

Design/Logic Flaw

Sophos PureMessage for Microsoft Exchange 3.0 before 3.0.2 allows remote attackers to cause a denial of service EdgeTransport.exe termination via a TNEF-encoded message with a crafted rich text body that is not properly handled during conversion to plain text. NOTE: this might be related to...

5CVSS6.7AI score0.03329EPSS
Exploits0References3Affected Software1
Rows per page
Query Builder